Abstract
JSConTest introduced the notions of effect monitoring and dynamic effect inference for JavaScript. It enables the description of effects with path specifications resembling regular expressions. It is implemented by an offline source code transformation.
To overcome the limitations of the JSConTest implementation, we redesigned and reimplemented effect monitoring by taking advantange of JavaScript proxies. Our new design avoids all drawbacks of the prior implementation. It guarantees full interposition; it is not restricted to a subset of JavaScript; it is self-maintaining; and its scalability to large programs is significantly better than with JSConTest.
The improved scalability has two sources. First, the reimplementation is significantly faster than the original, transformation-based implementation. Second, the reimplementation relies on the fly-weight pattern and on trace reduction to conserve memory. Only the combination of these techniques enables monitoring and inference for large programs.
- M. Almeida, N. Moreira, and R. Reis. Antimirov and mosses's rewrite system revisited. Int. J. Found. Comput. Sci., 20 (4): 669--684, 2009.Google Scholar
Cross Ref
- V. M. Antimirov. Rewriting regular inequalities (extended abstract). In H. Reichel, editor, FCT, volume 965 of Lecture Notes in Computer Science, pages 116--125. Springer, 1995. Google Scholar
Digital Library
- V. M. Antimirov. Partial derivates of regular expressions and finite automata constructions. In STACS, pages 455--466, 1995.Google Scholar
Cross Ref
- V. M. Antimirov and P. D. Mosses. Rewriting extended regular expressions. In Developments in Language Theory, pages 195--209, 1993.Google Scholar
- T. H. Austin, T. Disney, and C. Flanagan. Virtual values for language extension. In C. V. Lopes and K. Fisher, editors, OOPSLA, pages 921--938, Portland, OR, USA, 2011. ACM. ISBN 978-1-4503-0940-0. Google Scholar
Digital Library
- R. L. Bocchino Jr., V. S. Adve, D. Dig, S. V. Adve, S. Heumann, R. Komuravelli, J. Overbey, P. Simmons, H. Sung, and M. Vakilian. A type and effect system for deterministic parallel Java. In S. Arora and G. T. Leavens, editors, Proceedings of the 24th ACM SIGPLAN Conference on Object Oriented Programming, Systems, Languages, and Applications, pages 97--116, Orlando, Florida, USA, 2009. ACM Press, New York. ISBN 978-1-60558-766-0. Google Scholar
Digital Library
- F. Bonchi and D. Pous. Checking NFA equivalence with bisimulations up to congruence. In R. Giacobazzi and R. Cousot, editors, POPL, pages 457--468. ACM, 2013. Google Scholar
Digital Library
- G. Bracha and D. Ungar. Mirrors: design principles for meta-level facilities of object-oriented programming languages. In J. M. Vlissides and D. C. Schmidt, editors, OOPSLA, pages 331--344. ACM, 2004. Google Scholar
Digital Library
- J. Brant, B. Foote, R. E. Johnson, and D. Roberts. Wrappers to the rescue. In E. Jul, editor, ECOOP, volume 1445 of Lecture Notes in Computer Science, pages 396--417. Springer, 1998. Google Scholar
Digital Library
- J. A. Brzozowski. Derivatives of regular expressions. Journal of the ACM, 11 (4): 481--494, 1964. Google Scholar
Digital Library
- L. Burdy, Y. Cheon, D. R. Cok, M. D. Ernst, J. R. Kiniry, G. T. Leavens, K. R. M. Leino, and E. Poll. An overview of JML tools and applications. Int. J. Softw. Tools Technol. Transf., 7 (3): 212--232, 2005. ISSN 1433-2779. http://dx.doi.org/10.1007/s10009-004-0167-4. Google Scholar
Digital Library
- Y. Cheon. A Runtime Assertion Checker for the Java Modeling Language. PhD thesis, Iowa State University, Apr. 2003. TR#03-09.Google Scholar
- R. Chugh, J. A. Meister, R. Jhala, and S. Lerner. Staged information flow for JavaScript. In M. Hind and A. Diwan, editors, phPLDI, pages 50--62. ACM, 2009. Google Scholar
Digital Library
- T. V. Cutsem and M. S. Miller. Proxies: design principles for robust object-oriented intercession APIs. In W. D. Clinger, editor, DLS, pages 59--72. ACM, 2010. ISBN 978-1-4503-0405-4. Google Scholar
Digital Library
- P. T. Eugster. Uniform proxies for Java. In P. L. Tarr and W. R. Cook, editors, OOPSLA, pages 139--152. ACM, 2006. Google Scholar
Digital Library
- M. Fähndrich, M. Barnett, and F. Logozzo. Embedded contract languages. In S. Y. Shin, S. Ossowski, M. Schumacher, M. J. Palakal, and C.-C. Hung, editors, SAC, pages 2103--2110, Sierre, Switzerland, 2010. ACM. ISBN 978-1-60558-639-7. Google Scholar
Digital Library
- E. Fredkin. Trie memory. Commun. ACM, 3 (9): 490--499, Sept. 1960. Google Scholar
Digital Library
- D. Gifford and J. Lucassen. Integrating functional and imperative programming. In Proceedings of the 1986 ACM Conf. on Lisp and Functional Programming, pages 28--38, Cambridge, Massachusetts, United States, 1986. ACM Press. Google Scholar
Digital Library
- A. Greenhouse and J. Boyland. An object-oriented effects system. In R. Guerraoui, editor, 13th European Conference on Object-Oriented Programming, volume 1628 of Lecture Notes in Computer Science, pages 205--229, Lisbon, Portugal, June 1999. Springer-Verlag. ISBN 3-540-66156-5. Google Scholar
Digital Library
- A. Guha, C. Saftoiu, and S. Krishnamurthi. The essence of JavaScript. In T. D'Hondt, editor, ECOOP, volume 6183 of Lecture Notes in Computer Science, pages 126--150. Springer, 2010. Google Scholar
Digital Library
- D. Hedin and A. Sabelfeld. Information-flow security for a core of JavaScript. In S. Chong, editor, CSF, pages 3--18. IEEE, 2012. Google Scholar
Digital Library
- P. Heidegger and P. Thiemann. Contract-driven testing of JavaScript code. In J. Vitek, editor, phTOOLS (48), volume 6141 of phLecture Notes in Computer Science, pages 154--172, Málaga, Spain, June 2010. Springer. ISBN 978-3-642-13952-9. Google Scholar
Digital Library
- P. Heidegger and P. Thiemann. A heuristic approach for computing effects. In J. Bishop and A. Vallecillo, editors, TOOLS (49), volume 6705 of Lecture Notes in Computer Science, pages 147--162, Zurich, Switzerland, June 2011. Springer. ISBN 978-3-642-21951-1. Google Scholar
Digital Library
- P. Heidegger, A. Bieniusa, and P. Thiemann. Access permission contracts for scripting languages. In POPL, pages 111--122, Philadelphia, USA, Jan. 2012. ACM Press. Google Scholar
Digital Library
- F. Henglein and L. Nielsen. Regular expression containment: coinductive axiomatization and computational interpretation. DBLP:conf/popl/2011, pages 385--398. ISBN 978-1-4503-0490-0. Google Scholar
Digital Library
- J. hoon (David) An, A. Chaudhuri, J. S. Foster, and M. Hicks. Dynamic inference of static types for Ruby. IncitetDBLP:conf/popl/2011, pages 459--472. ISBN 978-1-4503-0490-0. Google Scholar
Digital Library
- E. International. phStandard ECMA-262, volume 5. 2009.Google Scholar
- S. H. Jensen, A. Møller, and P. Thiemann. Type analysis for JavaScript. In Proc. 16th International Static Analysis Symposium, SAS '09, volume 5673 of Lecture Notes in Computer Science, pages 238--255, Los Angeles, CA, USA, Aug. 2009. Springer-Verlag. Google Scholar
Digital Library
- S. Just, A. Cleary, B. Shirley, and C. Hammer. Information flow analysis for javascript. In Proceedings of the 1st ACM SIGPLAN international workshop on Programming language and systems technologies for internet clients, PLASTIC '11, pages 9--18, New York, NY, USA, 2011. ACM. Google Scholar
Digital Library
- M. Keil and P. Thiemann. Efficient access analysis using JavaScript proxies. Technical report, Institute for Computer Science, University of Freiburg, 2013.Google Scholar
- V. Komendantsky. Regular expression containment as a proof search problem. In PSATTT'11: International Workshop on Proof-Search in Axiomatic Theories and Type Theories, Wroclaw, Pologne, 2011. Germain Faure, Stéphane Lengrand, Assia Mahboubi.Google Scholar
- A. Krauss and T. Nipkow. Proof pearl: Regular expression equivalence and relation algebra. J. Autom. Reasoning, 49 (1): 95--106, 2012. Google Scholar
Digital Library
- G. T. Leavens, A. L. Baker, and C. Ruby. JML: A notation for detailed design. In H. Kilov, B. Rumpe, and I. Simmonds, editors, Behavioral Specifications of Businesses and Systems, pages 175--188, Norwell, MA, USA, 1999. Kluwer Academic Publishers.Google Scholar
Digital Library
- G. T. Leavens, Y. Cheon, C. Clifton, C. Ruby, and D. R. Cok. How the design of JML accommodates both runtime assertion checking and formal verification. Science of Computer Programming, 55 (1--3): 185--208, 2005. Google Scholar
Digital Library
- H. Lehner. A Formal Definition of JML in Coq and its Application to Runtime Assertion Checking. PhD thesis, ETH Zurich, Switzerland, 2011.Google Scholar
- H. Lehner and P. Müller. Efficient runtime assertion checking of assignable clauses with datagroups. In D. S. Rosenblum and G. Taentzer, editors, FASE, volume 6013 of Lecture Notes in Computer Science, pages 338--352, Paphos, Cyprus, 2010. Springer. ISBN 978-3-642-12028-2. Google Scholar
Digital Library
- M. S. Miller. Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control. PhD thesis, Johns Hopkins University, Baltimore, Maryland, USA, May 2006. Google Scholar
Digital Library
- M. S. Miller, M. Samuel, B. Laurie, I. Awad, and M. Stay. Safe active content in sanitized JavaScript. Technical report, Tech. Rep., Google, Inc, 2008.Google Scholar
- S. Owens, J. H. Reppy, and A. Turon. Regular-expression derivatives re-examined. J. Funct. Program., 19 (2): 173--190, 2009. Google Scholar
Digital Library
- P. H. Phung and L. Desmet. A two-tier sandbox architecture for untrusted JavaScript. In phProceedings of the Workshop on JavaScript Tools, JSTools '12, pages 1--10, New York, NY, USA, 2012. ACM. Google Scholar
Digital Library
- POPL 2011. Proceedings 38th Annual ACM Symposium on Principles of Programming Languages, Austin, TX, USA, Jan. 2011. ACM Press. ISBN 978-1-4503-0490-0.Google Scholar
- G. Rosu and M. Viswanathan. Testing extended regular language membership incrementally by rewriting. In R. Nieuwenhuis, editor, RTA, volume 2706 of Lecture Notes in Computer Science, pages 499--514. Springer, 2003. Google Scholar
Digital Library
- T. Van Cutsem and M. S. Miller. On the design of the ECMAScript reflection API. Technical report, Technical Report VUB-SOFT-TR-12-03, Vrije Universiteit Brussel, 2012.Google Scholar
- E. Wernli, P. Maerki, and O. Nierstrasz. Ownership, filters and crossing handlers: flexible ownership in dynamic languages. In A. Warth, editor, phDLS, pages 83--94. ACM, 2012. Google Scholar
Digital Library
Index Terms
Efficient dynamic access analysis using JavaScript proxies
Recommendations
Efficient dynamic access analysis using JavaScript proxies
DLS '13: Proceedings of the 9th symposium on Dynamic languagesJSConTest introduced the notions of effect monitoring and dynamic effect inference for JavaScript. It enables the description of effects with path specifications resembling regular expressions. It is implemented by an offline source code transformation.
...







Comments